Next-Generation Technologies & Secure Development , Threat Hunting
Jamf Buys ZecOps to Detect Advanced Hacks on Mobile DevicesZecOps to Extend Jamf's Ability to See Sophisticated Threats on Mac, iOS & Android
Threat actors are targeting mobile devices to steal data and user credentials, with a relatively new focus on Apple devices. Jamf, a Minneapolis-based Apple enterprise management vendor, has announced plans to purchase startup ZecOps to extend its ability to detect and respond to sophisticated threats across Mac, iOS and Android devices.
See Also: Webinar | How the SASE Architecture Enables Remote Work
Jamf says its proposed acquisition of San Francisco-based ZecOps will provide threat hunting capabilities to determine if any advanced attacks have compromised mobile devices, says CEO Dean Hager. ZecOps examines logs, processes and past crashes and then applies security and intelligence to data to determine whether a device has been compromised (see: Increased Enterprise Use of iOS, Mac Means More Malware).
"The bulk of the security marketplace is majorly focused on Windows," Hager tells Information Security Media Group. "The result of that is that Mac and mobile devices have not had as robust security solutions available to them as have Windows solutions."
Terms of the acquisition, which is expected to close by the end of 2022, weren't disclosed. All 22 members of the ZecOps team will receive employment offers from Jamf, according to Hager. ZecOps was co-founded and led by Zuk Avraham, who previously established Zimperium and served as its CEO and chairman. Former Cloudflare engineer Taly Slachevsky co-founded and worked as COO of ZecOps.
From Zero to $83.9M in Security
Jamf was focused exclusively on Apple device management as recently as 2018. Security now accounts for 18% - or $83.9 million - of the company's annual recurring revenue, based on the quarter ended June 30, according to regulatory filings. Jamf gained a foothold in security last year by purchasing Wandera, a provider of zero trust cloud security and access for mobile devices, for $409.3 million.
Combining telemetry from Wandera's prevention-focused technology with ZecOps' detection-focused technology will make each solution more intelligent and robust, according to Hager.
Hager says ZecOps has developed tools that make it easier to both access and interpret logs on iOS devices. The company can obtain logs on a trusted mobile device without requiring users to plug their iPhone into a Mac and view their logs from a desktop or laptop. In addition, ZecOps' intelligent software can interpret the logs to determine whether a sophisticated attack has occurred, Hager says.
Jamf plans to offer ZecOps' technology as a stand-alone tool following the close of the acquisition since the company doesn't have any overlapping capabilities in its portfolio. The firm will quickly modify the design paradigm to give it the look and feel of a Jamf product, and in the future it will make decisions about how to position, price and package ZecOps' technology with Jamf's existing security capabilities, he says.
Although ZecOps won’t initially interoperate with the Mac-focused Jamf Protect tool, Hager says he'd like to see the security events consolidated in a single location to minimize work for operations teams. Jamf currently offers VPN and threat defense capabilities for iOS and Android devices, but it won't have technology capable of detecting attacks that get through defenses until the ZecOps deal closes.
Bringing iOS Security to the Masses
Jamf historically has served the mass market with its Apple management and security capabilities, supporting 29 million devices across 69,000 customers, Hager says. Conversely, ZecOps has traditionally focused on highly regulated industries such as the government sector as well as high-value users within a business, Hager says.
Jamf will explore opportunities over time to bring ZecOps' technology to the broader market, but it doesn't have any immediate need to do so given the tool's appeal in compliance-driven industries, Hager says. ZecOps hasn't been supported by a robust go-to-market organization, given how new the company is, which means the startup will benefit from Jamf's sales and marketing expertise and personnel, he says.
From a metrics standpoint, Hager says Jamf will track the number of customers using ZecOps technology as well as the number of people and devices being protected.
"We now have a system that can examine the mobile device itself and do a level of sophisticated interpretation of potential attacks unlike any other solution," Hager says.